Privacy Policy

Introduction

This Privacy Policy describes how Roumr ("Roumr", "we", "us", or "our") collects, uses, and protects information about you when you visit roumr.com or use any Roumr application or service.

By using our website or services, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our services.

Information We Collect

We collect information you provide directly and information generated automatically when you use our services.

• —Contact form: name, email address, and the message you send us.
• —Account registration: email address and password (stored as a hashed value — never in plaintext).
• —Server logs: IP address, browser type, operating system, referring URLs, and timestamps generated automatically by our infrastructure.

How We Use Your Information

We use the information we collect to operate and improve our services.

• —Respond to inquiries submitted via the contact form.
• —Create and maintain your account if you register for a Roumr application.
• —Ensure the security and integrity of our systems.
• —Comply with applicable legal obligations.

Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following lawful bases:

• —Legitimate interest: responding to contact form inquiries, where our interest in replying does not override your rights.
• —Contract performance: operating your account and delivering services you have requested.
• —Legal obligation: where we are required by law to process or retain your data.

How We Share Your Information

We do not sell, rent, or trade your personal data. We share information only in limited circumstances:

• —Service providers: infrastructure partners (hosting, transactional email) who process data on our behalf under strict data processing agreements.
• —Legal requirements: when required by law, court order, or to protect the rights, property, or safety of Roumr, our users, or the public.

Data Retention

We retain personal data only as long as necessary for the purposes described in this policy.

• —Contact form submissions: retained for up to 2 years from the date of receipt.
• —Account data: retained for the duration of your account, plus 90 days following account deletion.
• —Server logs: retained on a rolling 90-day basis.

Your Rights — GDPR (EU / UK)

If you are located in the EEA or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):

• —Right of access: request a copy of the personal data we hold about you.
• —Right to rectification: request correction of inaccurate or incomplete data.
• —Right to erasure: request deletion of your personal data, subject to legal retention requirements.
• —Right to data portability: receive your data in a structured, machine-readable format.
• —Right to restriction: request that we limit how we use your data.
• —Right to object: object to processing based on legitimate interests.
• —Right to lodge a complaint: contact your local supervisory authority if you believe your rights have been violated.

Your Rights — CCPA (California)

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

• —Right to know: request disclosure of the categories and specific pieces of personal information we have collected about you.
• —Right to delete: request deletion of your personal information, subject to certain exceptions.
• —Right to opt out of sale: Roumr does not sell personal information. No opt-out action is required.
• —Right to non-discrimination: we will not discriminate against you for exercising any of these rights.

Your Rights — PIPEDA (Canada)

If you are located in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) provides you with the following rights:

• —Right of access: request access to the personal information we hold about you and how it is used.
• —Right to correction: request that we correct inaccurate personal information.

Cookies & Tracking

We use only functional session cookies necessary for our services to operate. We do not use advertising cookies, retargeting pixels, third-party tracking scripts, or browser fingerprinting.

Most browsers allow you to control cookies through their settings. Disabling session cookies may affect the functionality of account-based services.

Data Security

We implement appropriate technical and organisational measures to protect your personal information.

• —All data is transmitted over encrypted connections (TLS).
• —Passwords are stored as cryptographic hashes and are never held in plaintext.
• —Access to personal data is restricted to personnel who require it to operate our services.

International Data Transfers

Roumr's infrastructure providers are located in the United States. If you access our services from the EEA, United Kingdom, or Canada, your data may be transferred to and processed in a country with different data protection laws.

For transfers from the EEA or United Kingdom, we rely on Standard Contractual Clauses approved by the European Commission as the lawful transfer mechanism.

Changes & Contact

We may update this Privacy Policy from time to time. Material changes will be communicated to account holders by email and noted on this page with an updated effective date. Continued use of our services after changes take effect constitutes acceptance of the updated policy.

For privacy-related questions, requests, or concerns, contact us at admin@roumr.com.